Adam, you wrote: > setuid scripts are insecure because the interpreter (the > shell) is not designed to be secure. Trying to patch it to make it > secure is the wrong answer. The right answer is to build little > setuid tools that do exactly and only what you need, such as the > port20 tool mentioned in Cheswick & Bellovin. Adam- I wonder if you would expand on this. I thought the basic problem with the idea of suid #!/bin/interpreter scripts is the race condition just described. What other basic problems exist with suid #! scripts that are unique to these scripts? My counter to your statement: Once the race condition is fixed then secure suid shell programming is no more a problem than is writing secure suid programs in C or perl or any other language. The issues that arise seem to come from not understanding the environment - things like IFS or the LD* variables or relative paths, etc. Quentin